Analysis Overview
Threat Level: Known bad
The file https://www.lablancer.com/ was found to be: Known bad.
Malicious Activity Summary
Detected google phishing page
Drops file in Program Files directory
Browser Information Discovery
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2025-01-23 20:15
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-01-23 20:15
Reported
2025-01-23 20:33
Platform
win10ltsc2021-20250113-en
Max time kernel
961s
Max time network
965s
Command Line
Signatures
Detected google phishing page
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20250123201555.pma | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\3d58c61c-5ba1-4d5f-9206-2d4f1410662a.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.lablancer.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffc40db46f8,0x7ffc40db4708,0x7ffc40db4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2404 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff621195460,0x7ff621195470,0x7ff621195480
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,5060322101362261835,12279703416673037377,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2712 /prefetch:2
Network
Files